VPN Concentrator with ACS

Unanswered Question
Nov 16th, 2007


I'm trying to get ACS to force users into a particular group when they authenticate on a VPN Concentrator. I have set the Class IETF attribute 25 and set OU=<groupname>;

However when i try to authenticate the debugs on the VPN3K say 'OU=<groupname>; does not point to a filter!'. However i have filters applied on the groups the same as a configuration example?

Is there something i could be missing?

Thanks in advance for your help!


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Make sure you check the authentication servers for the group. under the group itself (one of the tabs) make sure you have the correct authentication server and are not inheriting it from the default group.

the next thing i would check is under the login

configuration, there is a section on "group delimiter" and stripping attributes, make sure nothing is being removed when they login.



This Discussion